[Openid-specs-risc] Tomorrow's call
Atul Tulshibagwale
atultulshi at google.com
Mon Jul 6 16:33:36 UTC 2020
Hi all,
It will be great if you can review the updated draft of the spec and
provide your comments / feedback / questions beforehand, so that we can
make sufficient progress on the call tomorrow. The latest draft
incorporates pretty much all of the feedback from the virtual workshop and
earlier reviews, that was provided on the older version. To summarize the
latest changes:
1. Added "common claims" to subjects, which include the SPAG ID and
subject category (whether the subject is a user, device or session). These
may be included in a subject claim of any type.
2. Added more examples of various subject constructions in SSE SETs
3. Added a SAML subject type
4. Added examples of when certain error codes may / must be responded
with (section 8.1.1.1) and one in section 8.1.1.2
5. Clarified language in Security Considerations for SPAGs (section
8.3.4)
Other minor changes.
Please review the new draft here
<https://docs.google.com/document/d/15zf0kwJhrrteDW-wA8iMwTVFQo2CK6kKK5kNq2IkLuM/edit?usp=sharing>
.
Thanks,
Atul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20200706/b322a2dc/attachment.html>
More information about the Openid-specs-risc
mailing list